<?php
ifi!$_GET['cmd']) {
	if(!perms_check('pages', 'edit') and !perms_check('pages', 'del')) {
		redirect('index.php?module=error&error=auth_error');
		exit;
	}

	SQLvalidate($_GET['rec']);
	if(!$_GET['rec'])
		$_GET['rec'] = 0;

	$fields = array ( 'id', 'title', 'text', 'cat', 'author', 'date', 'visible' );

	//sort
	if($_GET['sort']!='ASC' && $_GET['sort'] != 'DESC')
		$_GET['sort']='ASC';
	if(!$_GET['sortby'] or !in_array($_GET['sortby'], $fields))
		$_GET['sortby']='id';
	if($_GET['sort']=='ASC')
		$sortnext='DESC';
	else
		$sortnext='ASC';
	//

	if($_GET['sortby'] == 'title' or $_GET['sortby'] == 'text')
		$_GET['sortby'] .= "_$_SESSION[lang_short]";

	$content = string_template(read_file('admin/themes/pages_header.php'), array("sortnext" => $sortnext));

	//search
	if($_GET['search'])
		$_POST['search']=$_GET['search'];
	$_POST['search']=read_text_rest($_POST['search']); //mozemy potraktowac strip_slasles bo ' s� zamienione na &#39;
	if($_POST['search']){
		$src=str_replace('*', '%', $_POST['search']);
		$sql=" WHERE title_$_SESSION[lang_short] LIKE '%$src%' or text_$_SESSION[lang_short] LIKE '%$src%'";
	}
	else
		$sql='';

	$db = new dbquery;

	$db->query("SELECT * FROM $conf[prefix]pages$sql") or $db->err(__FILE__, __LINE__);
	$q=$db->num_rows();

	$db->query("SELECT * FROM $conf[prefix]pages$sql ORDER BY ".$_GET['sortby']." $_GET[sort] LIMIT $_GET[rec], $conf[admin_per_page]") or $db->err(__FILE__, __LINE__); 
	while($p=$db->fetch_object()) {
		$i++;
		if($i>2)
			$i=1;

		$tlt = "title_$_SESSION[lang_short]";
		$txt = "text_$_SESSION[lang_short]";

		if($p->$txt == '' or $p->$tlt == '') {
			$tlt = 'title_'.$conf['language'];
			$txt = 'text_'.$conf['language'];
		}

		$title = $p->$tlt;
		$text = $p->$txt;

		if($p->cat)
			$cat=get_cat_name_by_id($p->cat);   

		$content .= string_template(read_file('admin/themes/pages_item.php'), array("id" => $p->id, "title" => add_dots(read_text_rest($title), 30), "cat" => $cat, "date" => date($conf['date_format'], strtotime($p->date)), "visible" => $p->visible, "i" => $i));
	}

	$page_link=split_to_pages('<A HREF="index.php?module=admin&action=pages&sortby='.$_GET['sortby'].'&sort='.$_GET['sort'].'&search='.$_POST['search'].'&amp;rec={rec}">{nr}</A>', $conf['admin_per_page'], $q, $_GET['rec']);

	$content .= string_template(read_file('admin/themes/pages_footer.php'), array('page_link' => $page_link));
}
elseif($_GET['cmd']=='edit') {
	if(!perms_check('pages', 'edit')) {
		redirect('index.php?module=error&error=auth_error');
		exit;
	}

	SQLvalidate($_GET['id']);

	$db->query("SELECT * FROM $conf[prefix]categories") or $db->err(__FILE__, __LINE__);

	//generating list of categories
	$categories = '<option value="no_category">no_category</option>';
	//

	$db->query("SELECT * FROM $conf[prefix]pages WHERE id='$_GET[id]'") or $db->err(__FILE__, __LINE__);

	//sprawdzanie czy strona istnieje
	if($db->num_rows() == 0) {
		redirect('index.php?module=admin&action=pages');
		exit;
	}
	//

	$d=$db->fetch_object();

	//select author
	$db->query("SELECT * FROM $conf[prefix_users]users") or $db->err(__FILE__, __LINE__);

	while($u=$db->fetch_object()) {
		if($u->id!=$d->author)
			$select_author.='<OPTION VALUE="'.$u->id.'">'.$u->name.' '.$u->surname.' ['. $u->login .']</OPTION>';
		else
			$select_author.='<OPTION VALUE="'.$u->id.'" SELECTED>'.$u->name.' '.$u->surname.' ['. $u->login .']</OPTION>';
	}
	//

	//categories
	if($d->cat == 0)
		$n_sel = ' selected';
	else
		$n_sel = '';

	if(($d->visible) == 1)
		$visible = 'checked';
	else
		$visible = '';

	$ct = NULL;
	list_categories(0, 0, $d->cat, 1, $ct, 0);
	//

	$array = array('theme_path'=>$GLOBALS['theme_path'], 'id' => $d->id, 'cat' => $d->cat, 'function' => 'page_edit', 'c_date' => $d->date, 'c_author' => $select_author, 'c_category' => $ct, 'submit' => $lang['admin_edit'], 'checked' => $visible, 'hints' => $hints, 'n_selected' => $n_sel, "ldate" => date($conf['date_format'], strtotime($d->date)));

	//multi_lang
	$multi = NULL;

	$langs = get_lang_list();
	$languages = get_languages_list();

	$i = 0;

	foreach($langs as $key => $l) {
		$i++;
		if($l==$_SESSION['lang_short']) {
			$icon = 'collapse';
			$style = 'block';
		}
		else {
			$icon = 'expand';
			$style = 'none';
		}

		$multi .= string_template(read_file('admin/themes/pages_form_multi.php'), array('lang' => $l, 'language' => strtoupper($l), 'icon' => $GLOBALS['theme_path'].$GLOBALS['theme_img'][$icon], 'style' => $style, 'i' => $i));
		$t = "title_$l";
		$array["c_$t"] = read_text_rest($d->$t);
		$t = "text_$l";
		$array["c_$t"] = read_text_edit($d->$t);
	}

	$content = string_template(read_file('admin/themes/pages_form.php'), array('multi' => $multi));
	//

	$content = string_template($content, $array);
}
elseif($_GET['cmd'] == 'delete') {
	if(!perms_check('pages', 'del')) {
		redirect('index.php?module=error&error=auth_error');
		exit;
	}

	SQLvalidate($_GET['id']);

	$db->query("SELECT * FROM $conf[prefix]pages WHERE id=$_GET[id]") or $db->err(__FILE__, __LINE__);

	//sprawdzanie czy strona istnieje
	if($db->num_rows()==0) {
		redirect('index.php?module=admin&action=pages');
		exit;
	}
	//

	$d = $db->fetch_array();

	$yes='<input type="button" onClick="javascript:location.href=\'index.php?module=pages&function=page_delete&amp;page='.$d['id'].'\'" value="'.$lang['yes'].'" class="button">';
	$no='<input type="button" onClick="javascript:location.href=\'index.php?module=admin&amp;action=pages\'" value="'.$lang['no'].'" class="button">';

	$t = $d["title_$_SESSION[lang_short]"];

	$content = string_template($lang['admin_really_delete'], array('yes' => $yes, 'no' => $no, 'what' => read_text_rest($t)));
}
elseif($_GET['cmd'] == 'add') {
	if(!perms_check('pages', 'add')) {
		redirect('index.php?module=error&error=auth_error');
		exit;
	}

	//select author
	$db->query("SELECT * FROM $conf[prefix_users]users") or $db->err(__FILE__, __LINE__);


	while($u=$db->fetch_object()) {
		if($u->id!=$_SESSION['id'])
			$select_author.='<OPTION VALUE="'.$u->id.'">'.$u->name.' '.$u->surname.' ['. $u->login .']</OPTION>';
		else
			$select_author.='<OPTION VALUE="'.$u->id.'" SELECTED>'.$u->name.' '.$u->surname.' ['. $u->login .']</OPTION>';
	}
	//

	$ct = NULL;
	list_categories(0, 0, 'select', 1, $ct, 0);

	$array = array('theme_path'=>$GLOBALS['theme_path'], 'function' => 'page_add', 'c_date' => date('Y-m-d H:i:s'), 'c_author' => $select_author, 'c_category' => $ct, 'submit' => $lang['admin_add'], 'checked' => ' checked', 'hints' => $hints, 'n_selected' => ' selected', 'c_image' => '', 'checked' => ' CHECKED', 'c_size' => '', "ldate" => date($conf['date_format'], strtotime(date('Y-m-d H:i:s'))));

	$multi = NULL;

	$langs = get_lang_list();
	$languages = get_languages_list();

	$i = 0;

	foreach($langs as $key => $l) {
		$i++;
		if($l==$_SESSION['lang_short']) {
			$icon = 'collapse';
			$style = 'block';
		}
		else {
			$icon = 'expand';
			$style = 'none';
		}

		$db->query("SELECT * FROM $conf[prefix]lang WHERE name = 'langname'");
		$ll = $db->fetch_array();

		$multi .= string_template(read_file('admin/themes/pages_form_multi.php'), array('lang' => $l, 'language' => strtoupper($l), 'icon' => $GLOBALS['theme_path'].$GLOBALS['theme_img'][$icon], 'style' => $style, 'i' => $i));
		$t = "title_$l";
		$array["c_$t"] = '';
		$t = "text_$l";
		$array["c_$t"] = '';

		//recover
		if(ereg('module=error', $_SERVER['HTTP_REFERER'])) {
			$t = "title_$l";
			$array["c_$t"] = $_SESSION['recover_'.$t];
			$t = "text_$l";
			$array["c_$t"] = $_SESSION['recover_'.$t];   
		}
		//			
	}

	$content = string_template(read_file('admin/themes/pages_form.php'), array('multi' => $multi));

	$content = string_template($content, $array);

	$hints = read_file('admin/themes/pages_hints.php');
}

$content=string_template(read_file('middle.php'), array('theme_path' => $GLOBALS['theme_path'], 'content' => $content, 'description' => $lang['admin_pages']));
//

?>
